14 NERC CIP standards. $1.4M/day in penalties for non-compliance. MERIDIAN makes every SCADA command, every access event, and every grid operation cryptographically verifiable in real time — so when auditors arrive, you don't prepare. You just show them the dashboard.
NERC enforcement is active and accelerating. These penalties are real, documented, and growing.
FERC's penalty guidelines allow up to $1.4M per day per violation for CIP non-compliance. Enforcement actions have already cost utilities tens of millions in a single settlement.
Duke Energy: $2.7M · PG&E: $10M settlement · Average enforcement up 340% since 2019Physical attacks on grid infrastructure have surged since 2022. CIP-006 and CIP-014 require logging and attestation of every physical access event. Manual logs don't survive enforcement scrutiny.
NERC GridEx data · DHS CISA advisory AA22-265A · 2023 substation incidentsNERC CIP-015 introduces mandatory internal network security monitoring requirements for high- and medium-impact BES Cyber Systems. Utilities have no compliant tooling today. The deadline is October 2028.
NERC CIP-015-1 · FERC Order 887 · Effective enforcement Q4 2028Six capability areas that together cover every NERC CIP evidence requirement an auditor can ask for.
Every grid operation — breaker operations, setpoint changes, load shedding commands — generates an ML-DSA-65 signed receipt in real time. No operation goes unwitnessed.
ML-DSA-65 · FIPS 204 · per-commandEvery badge swipe, electronic login, and physical access event is cryptographically logged with identity, timestamp, and authorization context. CIP-004 and CIP-006 covered.
CIP-004 · CIP-006 · identity-boundReal-time alerts with immutable evidence chain. Every anomaly — unauthorized access attempt, configuration change, network intrusion — is logged, signed, and time-stamped before alerting.
CIP-007 · CIP-008 · CIP-015Single pane showing compliance status across all 14 CIP standards. Auditor-ready export in one click. Gap analysis auto-updated as your environment changes.
14 CIP standards · real-time · exportableAll signatures use ML-DSA-65 (CRYSTALS-Dilithium), NIST FIPS 204 selected. CNSA 2.0 ready, future-proofed for the 2030 NSA post-quantum mandate. Records signed today remain verifiable in 2040.
CNSA 2.0 · FIPS 204 · 2030 mandate readyAuditors verify any evidence package without network access in 8.6ms. Self-contained signed receipts require no Hive infrastructure, no API call, no internet connection. Air-gapped environments supported.
8.6ms · offline · air-gap readyMERIDIAN generates evidence for every NERC CIP standard in scope. No gaps, no manual log exports, no last-minute audit preparation.
MERIDIAN's compliance dashboard gives you real-time posture across all 14 CIP standards. Every number is backed by a cryptographically signed evidence chain.
MERIDIAN integrates with your existing OT security stack. Your SCADA systems are untouched. Your auditors see results in 30 days.
MERIDIAN is a cryptographic attestation layer, not a replacement. It plugs into the OT security infrastructure you already operate.
See why existing approaches leave utilities exposed — and what MERIDIAN does differently.
| Capability | Manual Logs + Spreadsheets | Existing NERC Tools | MERIDIAN |
|---|---|---|---|
| Real-time attestation | Manual, delayed | Batch, next-day | Sub-second, every event |
| Post-quantum signatures | None | None | ML-DSA-65 / FIPS 204 |
| Court-admissible evidence | Disputed in enforcement | Partial | Cryptographic, tamper-evident |
| CIP-015 ready | Not addressed | Partial roadmap | Fully covered |
| Offline verification | N/A | Requires connectivity | 8.6ms, air-gap ready |
| Cost per signed event | Immeasurable liability | $0.08–$0.40 | Fixed annual — $150K/yr |
| Audit package generation | Weeks of manual work | Days, manual export | One-click, instant |
| SCADA command logging | Incomplete, mutable | Vendor-dependent | 100%, cryptographically signed |
NERC enforcement affects every regulated utility. These are the organizations that move first.
You've received a Notice of Penalty or a compliance violation finding. Your legal team is managing the settlement. You need defensible evidence going forward — and you need it fast.
You coordinate reliability across dozens of member utilities. Each has its own NERC CIP posture, its own audit cycle. Aggregating evidence from all of them is a manual nightmare every quarter.
CIP-015 internal network security monitoring requirements are finalized. The compliance date is October 2028. Most utilities have no tooling that generates the required evidence today. The window to build it is closing.
$150,000/year. $1.4M/day is the alternative.
Pilot deployment in four weeks. Full CIP coverage. Fixed annual cost. No per-event billing. No infrastructure to operate.
Patent Pending · CNSA 2.0 · FIPS 204 · CIP-015 Ready · ML-DSA-65